cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From prachida...@apache.org
Subject [16/18] git commit: updated refs/heads/rbac to 45a96e4
Date Wed, 26 Feb 2014 01:05:49 GMT
iam/server changes: Rename Acl to IAM


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/63098878
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/63098878
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/63098878

Branch: refs/heads/rbac
Commit: 6309887800c74b4049558a85ba18f5a14749b72b
Parents: 187f9cd
Author: Prachi Damle <prachi@cloud.com>
Authored: Tue Feb 25 16:41:53 2014 -0800
Committer: Prachi Damle <prachi@cloud.com>
Committed: Tue Feb 25 16:43:25 2014 -0800

----------------------------------------------------------------------
 .../cloudstack/iam/IAMApiServiceImpl.java       |  56 ++++-----
 .../iam/RoleBasedAPIAccessChecker.java          |  18 +--
 .../iam/RoleBasedEntityAccessChecker.java       |  10 +-
 .../iam/RoleBasedEntityQuerySelector.java       |  16 +--
 .../apache/cloudstack/iam/api/IAMService.java   |  42 +++----
 .../iam/server/IAMAccountPolicyMapVO.java       |  10 +-
 .../cloudstack/iam/server/IAMServiceImpl.java   | 116 +++++++++----------
 .../server/dao/IAMAccountPolicyMapDaoImpl.java  |   4 +-
 .../cloudstack/iam/IAMServiceUnitTest.java      |  12 +-
 9 files changed, 142 insertions(+), 142 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/63098878/services/iam/plugin/src/org/apache/cloudstack/iam/IAMApiServiceImpl.java
----------------------------------------------------------------------
diff --git a/services/iam/plugin/src/org/apache/cloudstack/iam/IAMApiServiceImpl.java b/services/iam/plugin/src/org/apache/cloudstack/iam/IAMApiServiceImpl.java
index de57a41..393fe0e 100644
--- a/services/iam/plugin/src/org/apache/cloudstack/iam/IAMApiServiceImpl.java
+++ b/services/iam/plugin/src/org/apache/cloudstack/iam/IAMApiServiceImpl.java
@@ -149,7 +149,7 @@ public class IAMApiServiceImpl extends ManagerBase implements IAMApiService, Man
                 if (domainId != null) {
                     s_logger.debug("MessageBus message: new Domain created: " + domainId + ", creating a new group");
                     Domain domain = _domainDao.findById(domainId);
-                    _iamSrv.createAclGroup("DomainGrp-" + domain.getUuid(), "Domain group", domain.getPath());
+                    _iamSrv.createIAMGroup("DomainGrp-" + domain.getUuid(), "Domain group", domain.getPath());
                 }
             }
         });
@@ -163,7 +163,7 @@ public class IAMApiServiceImpl extends ManagerBase implements IAMApiService, Man
                     Domain domain = _domainDao.findById(domainId);
                     List<IAMGroup> groups = listDomainGroup(domain);
                     for (IAMGroup group : groups) {
-                        _iamSrv.deleteAclGroup(group.getId());
+                        _iamSrv.deleteIAMGroup(group.getId());
                     }
                 }
             }
@@ -175,9 +175,9 @@ public class IAMApiServiceImpl extends ManagerBase implements IAMApiService, Man
                 Long templateId = (Long)obj;
                 if (templateId != null) {
                     s_logger.debug("MessageBus message: new public template registered: " + templateId + ", grant permission to domain admin and normal user policies");
-                    _iamSrv.addAclPermissionToAclPolicy(new Long(Account.ACCOUNT_TYPE_DOMAIN_ADMIN + 1), IAMEntityType.VirtualMachineTemplate.toString(),
+                    _iamSrv.addIAMPermissionToIAMPolicy(new Long(Account.ACCOUNT_TYPE_DOMAIN_ADMIN + 1), IAMEntityType.VirtualMachineTemplate.toString(),
                             PermissionScope.RESOURCE.toString(), templateId, "listTemplates", AccessType.UseEntry.toString(), Permission.Allow, false);
-                    _iamSrv.addAclPermissionToAclPolicy(new Long(Account.ACCOUNT_TYPE_NORMAL + 1), IAMEntityType.VirtualMachineTemplate.toString(),
+                    _iamSrv.addIAMPermissionToIAMPolicy(new Long(Account.ACCOUNT_TYPE_NORMAL + 1), IAMEntityType.VirtualMachineTemplate.toString(),
                             PermissionScope.RESOURCE.toString(), templateId, "listTemplates", AccessType.UseEntry.toString(), Permission.Allow, false);
                 }
             }
@@ -202,7 +202,7 @@ public class IAMApiServiceImpl extends ManagerBase implements IAMApiService, Man
                     String entityType = entity.first().toString();
                     Long entityId = entity.second();
                     s_logger.debug("MessageBus message: delete an entity: (" + entityType + "," + entityId + "), remove its related permission");
-                    _iamSrv.removeAclPermissionForEntity(entityType, entityId);
+                    _iamSrv.removeIAMPermissionForEntity(entityType, entityId);
                 }
             }
         });
@@ -275,8 +275,8 @@ public class IAMApiServiceImpl extends ManagerBase implements IAMApiService, Man
 
        Domain domain = _domainDao.findById(domainId);
        if (domain != null) {
-            IAMPolicy policy = _iamSrv.createAclPolicy(policyName, description, null, domain.getPath());
-            _iamSrv.addAclPermissionToAclPolicy(policy.getId(), entityType, PermissionScope.RESOURCE.toString(),
+            IAMPolicy policy = _iamSrv.createIAMPolicy(policyName, description, null, domain.getPath());
+            _iamSrv.addIAMPermissionToIAMPolicy(policy.getId(), entityType, PermissionScope.RESOURCE.toString(),
                     entityId, action, accessType.toString(), Permission.Allow, recursive);
             List<Long> policyList = new ArrayList<Long>();
             policyList.add(new Long(policy.getId()));
@@ -284,7 +284,7 @@ public class IAMApiServiceImpl extends ManagerBase implements IAMApiService, Man
            List<IAMGroup> domainGroups = listDomainGroup(domain);
            if (domainGroups != null) {
                for (IAMGroup group : domainGroups) {
-                   _iamSrv.attachAclPoliciesToGroup(policyList, group.getId());
+                   _iamSrv.attachIAMPoliciesToGroup(policyList, group.getId());
                }
            }
        }
@@ -299,19 +299,19 @@ public class IAMApiServiceImpl extends ManagerBase implements IAMApiService, Man
         if (callerDomain == null) {
             throw new InvalidParameterValueException("Caller does not have a domain");
         }
-        return _iamSrv.createAclGroup(iamGroupName, description, callerDomain.getPath());
+        return _iamSrv.createIAMGroup(iamGroupName, description, callerDomain.getPath());
     }
 
     @DB
     @Override
     @ActionEvent(eventType = EventTypes.EVENT_IAM_GROUP_DELETE, eventDescription = "Deleting Acl Group")
     public boolean deleteIAMGroup(final Long iamGroupId) {
-        return _iamSrv.deleteAclGroup(iamGroupId);
+        return _iamSrv.deleteIAMGroup(iamGroupId);
     }
 
     @Override
     public List<IAMGroup> listIAMGroups(long accountId) {
-        return _iamSrv.listAclGroups(accountId);
+        return _iamSrv.listIAMGroups(accountId);
     }
 
 
@@ -356,34 +356,34 @@ public class IAMApiServiceImpl extends ManagerBase implements IAMApiService, Man
         if (callerDomain == null) {
             throw new InvalidParameterValueException("Caller does not have a domain");
         }
-        return _iamSrv.createAclPolicy(iamPolicyName, description, parentPolicyId, callerDomain.getPath());
+        return _iamSrv.createIAMPolicy(iamPolicyName, description, parentPolicyId, callerDomain.getPath());
     }
 
     @DB
     @Override
     @ActionEvent(eventType = EventTypes.EVENT_IAM_POLICY_DELETE, eventDescription = "Deleting IAM Policy")
     public boolean deleteIAMPolicy(final long iamPolicyId) {
-        return _iamSrv.deleteAclPolicy(iamPolicyId);
+        return _iamSrv.deleteIAMPolicy(iamPolicyId);
     }
 
 
     @Override
     public List<IAMPolicy> listIAMPolicies(long accountId) {
-        return _iamSrv.listAclPolicies(accountId);
+        return _iamSrv.listIAMPolicies(accountId);
     }
 
     @DB
     @Override
     @ActionEvent(eventType = EventTypes.EVENT_IAM_GROUP_UPDATE, eventDescription = "Attaching policy to acl group")
     public IAMGroup attachIAMPoliciesToGroup(final List<Long> policyIds, final Long groupId) {
-        return _iamSrv.attachAclPoliciesToGroup(policyIds, groupId);
+        return _iamSrv.attachIAMPoliciesToGroup(policyIds, groupId);
     }
 
     @DB
     @Override
     @ActionEvent(eventType = EventTypes.EVENT_IAM_GROUP_UPDATE, eventDescription = "Removing policies from acl group")
     public IAMGroup removeIAMPoliciesFromGroup(final List<Long> policyIds, final Long groupId) {
-        return _iamSrv.removeAclPoliciesFromGroup(policyIds, groupId);
+        return _iamSrv.removeIAMPoliciesFromGroup(policyIds, groupId);
     }
 
 
@@ -391,14 +391,14 @@ public class IAMApiServiceImpl extends ManagerBase implements IAMApiService, Man
     @Override
     @ActionEvent(eventType = EventTypes.EVENT_IAM_ACCOUNT_POLICY_UPDATE, eventDescription = "Attaching policy to accounts")
     public void attachIAMPolicyToAccounts(final Long policyId, final List<Long> accountIds) {
-        _iamSrv.attachAclPolicyToAccounts(policyId, accountIds);
+        _iamSrv.attachIAMPolicyToAccounts(policyId, accountIds);
     }
 
     @DB
     @Override
     @ActionEvent(eventType = EventTypes.EVENT_IAM_ACCOUNT_POLICY_UPDATE, eventDescription = "Removing policy from accounts")
     public void removeIAMPolicyFromAccounts(final Long policyId, final List<Long> accountIds) {
-        _iamSrv.removeAclPolicyFromAccounts(policyId, accountIds);
+        _iamSrv.removeIAMPolicyFromAccounts(policyId, accountIds);
     }
 
     @DB
@@ -411,7 +411,7 @@ public class IAMApiServiceImpl extends ManagerBase implements IAMApiService, Man
         if (BaseListCmd.class.isAssignableFrom(cmdClass)) {
             accessType = AccessType.UseEntry;
         }
-        return _iamSrv.addAclPermissionToAclPolicy(iamPolicyId, entityType, scope.toString(), scopeId, action,
+        return _iamSrv.addIAMPermissionToIAMPolicy(iamPolicyId, entityType, scope.toString(), scopeId, action,
                 accessType.toString(), perm, recursive);
     }
 
@@ -419,12 +419,12 @@ public class IAMApiServiceImpl extends ManagerBase implements IAMApiService, Man
     @Override
     @ActionEvent(eventType = EventTypes.EVENT_IAM_POLICY_REVOKE, eventDescription = "Revoking acl permission from IAM Policy")
     public IAMPolicy removeIAMPermissionFromIAMPolicy(long iamPolicyId, String entityType, PermissionScope scope, Long scopeId, String action) {
-        return _iamSrv.removeAclPermissionFromAclPolicy(iamPolicyId, entityType, scope.toString(), scopeId, action);
+        return _iamSrv.removeIAMPermissionFromIAMPolicy(iamPolicyId, entityType, scope.toString(), scopeId, action);
     }
 
     @Override
     public IAMPolicyPermission getIAMPolicyPermission(long accountId, String entityType, String action) {
-        List<IAMPolicy> policies = _iamSrv.listAclPolicies(accountId);
+        List<IAMPolicy> policies = _iamSrv.listIAMPolicies(accountId);
         IAMPolicyPermission curPerm = null;
         for (IAMPolicy policy : policies) {
             List<IAMPolicyPermission> perms = _iamSrv.listPolicyPermissionByActionAndEntity(policy.getId(), action,
@@ -515,7 +515,7 @@ public class IAMApiServiceImpl extends ManagerBase implements IAMApiService, Man
         }
 
         // find all the policies attached to this group
-        List<IAMPolicy> policies = _iamSrv.listAclPoliciesByGroup(group.getId());
+        List<IAMPolicy> policies = _iamSrv.listIAMPoliciesByGroup(group.getId());
         if (policies != null && policies.size() > 0) {
             for (IAMPolicy policy : policies) {
                 response.addPolicy(policy.getName());
@@ -532,7 +532,7 @@ public class IAMApiServiceImpl extends ManagerBase implements IAMApiService, Man
         if (domain != null) {
             String domainPath = domain.getPath();
             // search for groups
-            Pair<List<IAMGroup>, Integer> result = _iamSrv.listAclGroups(null, "DomainGrp-" + domain.getUuid(),
+            Pair<List<IAMGroup>, Integer> result = _iamSrv.listIAMGroups(null, "DomainGrp-" + domain.getUuid(),
                     domainPath, null, null);
             return result.first();
         }
@@ -558,7 +558,7 @@ public class IAMApiServiceImpl extends ManagerBase implements IAMApiService, Man
         }
         String domainPath = domain.getPath();
         // search for groups
-        Pair<List<IAMGroup>, Integer> result = _iamSrv.listAclGroups(iamGroupId, iamGroupName, domainPath, startIndex, pageSize);
+        Pair<List<IAMGroup>, Integer> result = _iamSrv.listIAMGroups(iamGroupId, iamGroupName, domainPath, startIndex, pageSize);
         // generate group response
         ListResponse<IAMGroupResponse> response = new ListResponse<IAMGroupResponse>();
         List<IAMGroupResponse> groupResponses = new ArrayList<IAMGroupResponse>();
@@ -589,7 +589,7 @@ public class IAMApiServiceImpl extends ManagerBase implements IAMApiService, Man
         }
         String domainPath = domain.getPath();
         // search for policies
-        Pair<List<IAMPolicy>, Integer> result = _iamSrv.listAclPolicies(iamPolicyId, iamPolicyName, domainPath, startIndex, pageSize);
+        Pair<List<IAMPolicy>, Integer> result = _iamSrv.listIAMPolicies(iamPolicyId, iamPolicyName, domainPath, startIndex, pageSize);
         // generate policy response
         ListResponse<IAMPolicyResponse> response = new ListResponse<IAMPolicyResponse>();
         List<IAMPolicyResponse> policyResponses = new ArrayList<IAMPolicyResponse>();
@@ -653,9 +653,9 @@ public class IAMApiServiceImpl extends ManagerBase implements IAMApiService, Man
 
     private void resetTemplatePermission(Long templateId){
         // reset template will change template to private, so we need to remove its permission for domain admin and normal user group
-        _iamSrv.removeAclPermissionFromAclPolicy(new Long(Account.ACCOUNT_TYPE_DOMAIN_ADMIN + 1), IAMEntityType.VirtualMachineTemplate.toString(),
+        _iamSrv.removeIAMPermissionFromIAMPolicy(new Long(Account.ACCOUNT_TYPE_DOMAIN_ADMIN + 1), IAMEntityType.VirtualMachineTemplate.toString(),
                 PermissionScope.RESOURCE.toString(), templateId, "listTemplates");
-        _iamSrv.removeAclPermissionFromAclPolicy(new Long(Account.ACCOUNT_TYPE_NORMAL + 1), IAMEntityType.VirtualMachineTemplate.toString(),
+        _iamSrv.removeIAMPermissionFromIAMPolicy(new Long(Account.ACCOUNT_TYPE_NORMAL + 1), IAMEntityType.VirtualMachineTemplate.toString(),
                 PermissionScope.RESOURCE.toString(), templateId, "listTemplates");
         // check if there is a policy with only UseEntry permission for this template added
         IAMPolicy policy = _iamSrv.getResourceGrantPolicy(IAMEntityType.VirtualMachineTemplate.toString(), templateId, AccessType.UseEntry.toString(), "listTemplates");
@@ -664,7 +664,7 @@ public class IAMApiServiceImpl extends ManagerBase implements IAMApiService, Man
             return;
         }
         // delete the policy, which should detach it from groups and accounts
-        _iamSrv.deleteAclPolicy(policy.getId());
+        _iamSrv.deleteIAMPolicy(policy.getId());
 
     }
 

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/63098878/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedAPIAccessChecker.java
----------------------------------------------------------------------
diff --git a/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedAPIAccessChecker.java b/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedAPIAccessChecker.java
index 48e6ede..fb75db3 100644
--- a/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedAPIAccessChecker.java
+++ b/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedAPIAccessChecker.java
@@ -90,7 +90,7 @@ public class RoleBasedAPIAccessChecker extends AdapterBase implements APIChecker
                     + "is null");
         }
 
-        List<IAMPolicy> policies = _iamSrv.listAclPolicies(account.getAccountId());
+        List<IAMPolicy> policies = _iamSrv.listIAMPolicies(account.getAccountId());
 
         boolean isAllowed = _iamSrv.isActionAllowedForPolicies(commandName, policies);
         if (!isAllowed) {
@@ -117,25 +117,25 @@ public class RoleBasedAPIAccessChecker extends AdapterBase implements APIChecker
         for (RoleType role : RoleType.values()) {
             Long policyId = getDefaultPolicyId(role);
             if (policyId != null) {
-                _iamSrv.resetAclPolicy(policyId);
+                _iamSrv.resetIAMPolicy(policyId);
             }
          }
 
         // add the system-domain capability
 
-        _iamSrv.addAclPermissionToAclPolicy(new Long(Account.ACCOUNT_TYPE_ADMIN + 1), null, null, null,
+        _iamSrv.addIAMPermissionToIAMPolicy(new Long(Account.ACCOUNT_TYPE_ADMIN + 1), null, null, null,
                 "SystemCapability", null, Permission.Allow, false);
-        _iamSrv.addAclPermissionToAclPolicy(new Long(Account.ACCOUNT_TYPE_DOMAIN_ADMIN + 1), null, null, null,
+        _iamSrv.addIAMPermissionToIAMPolicy(new Long(Account.ACCOUNT_TYPE_DOMAIN_ADMIN + 1), null, null, null,
                 "DomainCapability", null, Permission.Allow, false);
-        _iamSrv.addAclPermissionToAclPolicy(new Long(Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN + 1), null, null, null,
+        _iamSrv.addIAMPermissionToIAMPolicy(new Long(Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN + 1), null, null, null,
                 "DomainResourceCapability", null, Permission.Allow, false);
 
         // add permissions for public templates
         List<VMTemplateVO> pTmplts = _templateDao.listByPublic();
         for (VMTemplateVO tmpl : pTmplts){
-            _iamSrv.addAclPermissionToAclPolicy(new Long(Account.ACCOUNT_TYPE_DOMAIN_ADMIN + 1), IAMEntityType.VirtualMachineTemplate.toString(),
+            _iamSrv.addIAMPermissionToIAMPolicy(new Long(Account.ACCOUNT_TYPE_DOMAIN_ADMIN + 1), IAMEntityType.VirtualMachineTemplate.toString(),
                     PermissionScope.RESOURCE.toString(), tmpl.getId(), "listTemplates", AccessType.UseEntry.toString(), Permission.Allow, false);
-            _iamSrv.addAclPermissionToAclPolicy(new Long(Account.ACCOUNT_TYPE_NORMAL + 1), IAMEntityType.VirtualMachineTemplate.toString(),
+            _iamSrv.addIAMPermissionToIAMPolicy(new Long(Account.ACCOUNT_TYPE_NORMAL + 1), IAMEntityType.VirtualMachineTemplate.toString(),
                     PermissionScope.RESOURCE.toString(), tmpl.getId(), "listTemplates", AccessType.UseEntry.toString(), Permission.Allow, false);
         }
 
@@ -259,11 +259,11 @@ public class RoleBasedAPIAccessChecker extends AdapterBase implements APIChecker
 
 
         if (entityTypes == null || entityTypes.length == 0) {
-            _iamSrv.addAclPermissionToAclPolicy(policyId, null, permissionScope.toString(), new Long(IAMPolicyPermission.PERMISSION_SCOPE_ID_CURRENT_CALLER),
+            _iamSrv.addIAMPermissionToIAMPolicy(policyId, null, permissionScope.toString(), new Long(IAMPolicyPermission.PERMISSION_SCOPE_ID_CURRENT_CALLER),
                     apiName, (accessType == null) ? null : accessType.toString(), Permission.Allow, false);
         } else {
             for (IAMEntityType entityType : entityTypes) {
-                _iamSrv.addAclPermissionToAclPolicy(policyId, entityType.toString(), permissionScope.toString(), new Long(IAMPolicyPermission.PERMISSION_SCOPE_ID_CURRENT_CALLER),
+                _iamSrv.addIAMPermissionToIAMPolicy(policyId, entityType.toString(), permissionScope.toString(), new Long(IAMPolicyPermission.PERMISSION_SCOPE_ID_CURRENT_CALLER),
                         apiName, (accessType == null) ? null : accessType.toString(), Permission.Allow, false);
             }
          }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/63098878/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedEntityAccessChecker.java
----------------------------------------------------------------------
diff --git a/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedEntityAccessChecker.java b/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedEntityAccessChecker.java
index 13f6914..d0d9d88 100644
--- a/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedEntityAccessChecker.java
+++ b/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedEntityAccessChecker.java
@@ -64,7 +64,7 @@ public class RoleBasedEntityAccessChecker extends DomainChecker implements Secur
 
         if (entity == null && action != null) {
             // check if caller can do this action
-            List<IAMPolicy> policies = _iamSrv.listAclPolicies(caller.getAccountId());
+            List<IAMPolicy> policies = _iamSrv.listIAMPolicies(caller.getAccountId());
 
             boolean isAllowed = _iamSrv.isActionAllowedForPolicies(action, policies);
             if (!isAllowed) {
@@ -164,7 +164,7 @@ public class RoleBasedEntityAccessChecker extends DomainChecker implements Secur
     private List<IAMPolicy> getEffectivePolicies(Account caller, ControlledEntity entity) {
 
         // Get the static Policies of the Caller
-        List<IAMPolicy> policies = _iamSrv.listAclPolicies(caller.getId());
+        List<IAMPolicy> policies = _iamSrv.listIAMPolicies(caller.getId());
 
         // add any dynamic policies w.r.t the entity
         if (caller.getId() == entity.getAccountId()) {
@@ -172,12 +172,12 @@ public class RoleBasedEntityAccessChecker extends DomainChecker implements Secur
             policies.add(_iamSrv.getResourceOwnerPolicy());
         }
 
-        List<IAMGroup> groups = _iamSrv.listAclGroups(caller.getId());
+        List<IAMGroup> groups = _iamSrv.listIAMGroups(caller.getId());
         for (IAMGroup group : groups) {
             // for each group find the grand parent groups.
-            List<IAMGroup> parentGroups = _iamSrv.listParentAclGroups(group.getId());
+            List<IAMGroup> parentGroups = _iamSrv.listParentIAMGroups(group.getId());
             for (IAMGroup parentGroup : parentGroups) {
-                policies.addAll(_iamSrv.listRecursiveAclPoliciesByGroup(parentGroup.getId()));
+                policies.addAll(_iamSrv.listRecursiveIAMPoliciesByGroup(parentGroup.getId()));
             }
         }
 

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/63098878/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedEntityQuerySelector.java
----------------------------------------------------------------------
diff --git a/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedEntityQuerySelector.java b/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedEntityQuerySelector.java
index 596ac7e..23c57a1 100644
--- a/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedEntityQuerySelector.java
+++ b/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedEntityQuerySelector.java
@@ -44,7 +44,7 @@ public class RoleBasedEntityQuerySelector extends AdapterBase implements QuerySe
     public List<Long> getAuthorizedDomains(Account caller, String action) {
         long accountId = caller.getAccountId();
         // Get the static Policies of the Caller
-        List<IAMPolicy> policies = _iamService.listAclPolicies(accountId);
+        List<IAMPolicy> policies = _iamService.listIAMPolicies(accountId);
         // for each policy, find granted permission with Domain scope
         List<Long> domainIds = new ArrayList<Long>();
         for (IAMPolicy policy : policies) {
@@ -68,7 +68,7 @@ public class RoleBasedEntityQuerySelector extends AdapterBase implements QuerySe
     public List<Long> getAuthorizedAccounts(Account caller, String action) {
         long accountId = caller.getAccountId();
         // Get the static Policies of the Caller
-        List<IAMPolicy> policies = _iamService.listAclPolicies(accountId);
+        List<IAMPolicy> policies = _iamService.listIAMPolicies(accountId);
         // for each policy, find granted permission with Account scope
         List<Long> accountIds = new ArrayList<Long>();
         for (IAMPolicy policy : policies) {
@@ -92,15 +92,15 @@ public class RoleBasedEntityQuerySelector extends AdapterBase implements QuerySe
     public List<Long> getAuthorizedResources(Account caller, String action) {
         long accountId = caller.getAccountId();
         // Get the static Policies of the Caller
-        List<IAMPolicy> policies = _iamService.listAclPolicies(accountId);
+        List<IAMPolicy> policies = _iamService.listIAMPolicies(accountId);
 
         // add the policies that grant recursive access
-        List<IAMGroup> groups = _iamService.listAclGroups(caller.getId());
+        List<IAMGroup> groups = _iamService.listIAMGroups(caller.getId());
         for (IAMGroup group : groups) {
             // for each group find the grand parent groups.
-            List<IAMGroup> parentGroups = _iamService.listParentAclGroups(group.getId());
+            List<IAMGroup> parentGroups = _iamService.listParentIAMGroups(group.getId());
             for (IAMGroup parentGroup : parentGroups) {
-                policies.addAll(_iamService.listRecursiveAclPoliciesByGroup(parentGroup.getId()));
+                policies.addAll(_iamService.listRecursiveIAMPoliciesByGroup(parentGroup.getId()));
             }
         }
 
@@ -123,7 +123,7 @@ public class RoleBasedEntityQuerySelector extends AdapterBase implements QuerySe
     public boolean isGrantedAll(Account caller, String action) {
         long accountId = caller.getAccountId();
         // Get the static Policies of the Caller
-        List<IAMPolicy> policies = _iamService.listAclPolicies(accountId);
+        List<IAMPolicy> policies = _iamService.listIAMPolicies(accountId);
         // for each policy, find granted permission with ALL scope
         for (IAMPolicy policy : policies) {
             List<IAMPolicyPermission> pp = _iamService.listPolicyPermissionsByScope(policy.getId(), action, PermissionScope.ALL.toString());
@@ -136,7 +136,7 @@ public class RoleBasedEntityQuerySelector extends AdapterBase implements QuerySe
 
     @Override
     public List<String> listAclGroupsByAccount(long accountId) {
-        List<IAMGroup> groups = _iamService.listAclGroups(accountId);
+        List<IAMGroup> groups = _iamService.listIAMGroups(accountId);
         List<String> groupNames = new ArrayList<String>();
         for (IAMGroup grp : groups) {
             groupNames.add(grp.getName());

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/63098878/services/iam/server/src/org/apache/cloudstack/iam/api/IAMService.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/api/IAMService.java b/services/iam/server/src/org/apache/cloudstack/iam/api/IAMService.java
index 6eb61fa..74a0885 100644
--- a/services/iam/server/src/org/apache/cloudstack/iam/api/IAMService.java
+++ b/services/iam/server/src/org/apache/cloudstack/iam/api/IAMService.java
@@ -24,12 +24,12 @@ import com.cloud.utils.Pair;
 
 public interface IAMService {
 
-    /* ACL group related interfaces */
-    IAMGroup createAclGroup(String aclGroupName, String description, String path);
+    /* IAM group related interfaces */
+    IAMGroup createIAMGroup(String iamGroupName, String description, String path);
 
-    boolean deleteAclGroup(Long aclGroupId);
+    boolean deleteIAMGroup(Long iamGroupId);
 
-    List<IAMGroup> listAclGroups(long accountId);
+    List<IAMGroup> listIAMGroups(long accountId);
 
     IAMGroup addAccountsToGroup(List<Long> acctIds, Long groupId);
 
@@ -37,34 +37,34 @@ public interface IAMService {
 
     List<Long> listAccountsByGroup(long groupId);
 
-    Pair<List<IAMGroup>, Integer> listAclGroups(Long aclGroupId, String aclGroupName, String path, Long startIndex, Long pageSize);
+    Pair<List<IAMGroup>, Integer> listIAMGroups(Long iamGroupId, String iamGroupName, String path, Long startIndex, Long pageSize);
 
-    /* ACL Policy related interfaces */
-    IAMPolicy createAclPolicy(String aclPolicyName, String description, Long parentPolicyId, String path);
+    /* IAM Policy related interfaces */
+    IAMPolicy createIAMPolicy(String iamPolicyName, String description, Long parentPolicyId, String path);
 
-    boolean deleteAclPolicy(long aclPolicyId);
+    boolean deleteIAMPolicy(long iamPolicyId);
 
-    List<IAMPolicy> listAclPolicies(long accountId);
+    List<IAMPolicy> listIAMPolicies(long accountId);
 
-    List<IAMPolicy> listAclPoliciesByGroup(long groupId);
+    List<IAMPolicy> listIAMPoliciesByGroup(long groupId);
 
-    Pair<List<IAMPolicy>, Integer> listAclPolicies(Long aclPolicyId, String aclPolicyName, String path, Long startIndex, Long pageSize);
+    Pair<List<IAMPolicy>, Integer> listIAMPolicies(Long iamPolicyId, String iamPolicyName, String path, Long startIndex, Long pageSize);
 
-    IAMGroup attachAclPoliciesToGroup(List<Long> policyIds, Long groupId);
+    IAMGroup attachIAMPoliciesToGroup(List<Long> policyIds, Long groupId);
 
-    IAMGroup removeAclPoliciesFromGroup(List<Long> policyIds, Long groupId);
+    IAMGroup removeIAMPoliciesFromGroup(List<Long> policyIds, Long groupId);
 
-    void attachAclPolicyToAccounts(Long policyId, List<Long> acctIds);
+    void attachIAMPolicyToAccounts(Long policyId, List<Long> acctIds);
 
-    void removeAclPolicyFromAccounts(Long policyId, List<Long> acctIds);
+    void removeIAMPolicyFromAccounts(Long policyId, List<Long> acctIds);
 
-    IAMPolicy addAclPermissionToAclPolicy(long aclPolicyId, String entityType, String scope, Long scopeId,
+    IAMPolicy addIAMPermissionToIAMPolicy(long iamPolicyId, String entityType, String scope, Long scopeId,
             String action, String accessType, Permission perm, Boolean recursive);
 
-    IAMPolicy removeAclPermissionFromAclPolicy(long aclPolicyId, String entityType, String scope, Long scopeId,
+    IAMPolicy removeIAMPermissionFromIAMPolicy(long iamPolicyId, String entityType, String scope, Long scopeId,
             String action);
 
-    void removeAclPermissionForEntity(final String entityType, final Long entityId);
+    void removeIAMPermissionForEntity(final String entityType, final Long entityId);
 
     IAMPolicy getResourceGrantPolicy(String entityType, Long entityId, String accessType, String action);
 
@@ -80,13 +80,13 @@ public interface IAMService {
 
     List<Long> getGrantedEntities(long accountId, String action, String scope);
 
-    IAMPolicy resetAclPolicy(long aclPolicyId);
+    IAMPolicy resetIAMPolicy(long iamPolicyId);
 
     List<IAMPolicyPermission> listPolicyPermissionByAccessAndEntity(long policyId, String accessType,
             String entityType);
 
-    List<IAMGroup> listParentAclGroups(long groupId);
+    List<IAMGroup> listParentIAMGroups(long groupId);
 
-    List<IAMPolicy> listRecursiveAclPoliciesByGroup(long groupId);
+    List<IAMPolicy> listRecursiveIAMPoliciesByGroup(long groupId);
 
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/63098878/services/iam/server/src/org/apache/cloudstack/iam/server/IAMAccountPolicyMapVO.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/IAMAccountPolicyMapVO.java b/services/iam/server/src/org/apache/cloudstack/iam/server/IAMAccountPolicyMapVO.java
index 8f3ac7d..a537655 100644
--- a/services/iam/server/src/org/apache/cloudstack/iam/server/IAMAccountPolicyMapVO.java
+++ b/services/iam/server/src/org/apache/cloudstack/iam/server/IAMAccountPolicyMapVO.java
@@ -39,7 +39,7 @@ public class IAMAccountPolicyMapVO {
     private long accountId;
 
     @Column(name = "policy_id")
-    private long aclPolicyId;
+    private long iamPolicyId;
 
     @Column(name = GenericDao.REMOVED_COLUMN)
     private Date removed;
@@ -50,9 +50,9 @@ public class IAMAccountPolicyMapVO {
     public IAMAccountPolicyMapVO() {
     }
 
-    public IAMAccountPolicyMapVO(long accountId, long aclPolicyId) {
+    public IAMAccountPolicyMapVO(long accountId, long iamPolicyId) {
         this.accountId = accountId;
-        this.aclPolicyId = aclPolicyId;
+        this.iamPolicyId = iamPolicyId;
     }
 
     public long getId() {
@@ -63,8 +63,8 @@ public class IAMAccountPolicyMapVO {
         return accountId;
     }
 
-    public long getAclPolicyId() {
-        return aclPolicyId;
+    public long getIAMPolicyId() {
+        return iamPolicyId;
     }
 
     public Date getRemoved() {

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/63098878/services/iam/server/src/org/apache/cloudstack/iam/server/IAMServiceImpl.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/IAMServiceImpl.java b/services/iam/server/src/org/apache/cloudstack/iam/server/IAMServiceImpl.java
index 02da7c3..11af27e 100644
--- a/services/iam/server/src/org/apache/cloudstack/iam/server/IAMServiceImpl.java
+++ b/services/iam/server/src/org/apache/cloudstack/iam/server/IAMServiceImpl.java
@@ -84,15 +84,15 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @DB
     @Override
-    public IAMGroup createAclGroup(String aclGroupName, String description, String path) {
+    public IAMGroup createIAMGroup(String iamGroupName, String description, String path) {
         // check if the group is already existing
-        IAMGroup grp = _aclGroupDao.findByName(path, aclGroupName);
+        IAMGroup grp = _aclGroupDao.findByName(path, iamGroupName);
         if (grp != null) {
             throw new InvalidParameterValueException(
-                    "Unable to create acl group with name " + aclGroupName
+                    "Unable to create acl group with name " + iamGroupName
                     + " already exisits for path " + path);
         }
-        IAMGroupVO rvo = new IAMGroupVO(aclGroupName, description);
+        IAMGroupVO rvo = new IAMGroupVO(iamGroupName, description);
         rvo.setPath(path);
 
         return _aclGroupDao.persist(rvo);
@@ -100,11 +100,11 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @DB
     @Override
-    public boolean deleteAclGroup(final Long aclGroupId) {
+    public boolean deleteIAMGroup(final Long iamGroupId) {
         // get the Acl Group entity
-        final IAMGroup grp = _aclGroupDao.findById(aclGroupId);
+        final IAMGroup grp = _aclGroupDao.findById(iamGroupId);
         if (grp == null) {
-            throw new InvalidParameterValueException("Unable to find acl group: " + aclGroupId
+            throw new InvalidParameterValueException("Unable to find acl group: " + iamGroupId
                     + "; failed to delete acl group.");
         }
 
@@ -128,7 +128,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
                 }
 
                 // remove this group from acl_group table
-                _aclGroupDao.remove(aclGroupId);
+                _aclGroupDao.remove(iamGroupId);
             }
         });
 
@@ -137,7 +137,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @SuppressWarnings("unchecked")
     @Override
-    public List<IAMGroup> listAclGroups(long accountId) {
+    public List<IAMGroup> listIAMGroups(long accountId) {
 
         GenericSearchBuilder<IAMGroupAccountMapVO, Long> groupSB = _aclGroupAccountMapDao.createSearchBuilder(Long.class);
         groupSB.selectFields(groupSB.entity().getAclGroupId());
@@ -225,11 +225,11 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
     }
 
     @Override
-    public Pair<List<IAMGroup>, Integer> listAclGroups(Long aclGroupId, String aclGroupName, String path, Long startIndex, Long pageSize) {
-        if (aclGroupId != null) {
-            IAMGroup group = _aclGroupDao.findById(aclGroupId);
+    public Pair<List<IAMGroup>, Integer> listIAMGroups(Long iamGroupId, String iamGroupName, String path, Long startIndex, Long pageSize) {
+        if (iamGroupId != null) {
+            IAMGroup group = _aclGroupDao.findById(iamGroupId);
             if (group == null) {
-                throw new InvalidParameterValueException("Unable to find acl group by id " + aclGroupId);
+                throw new InvalidParameterValueException("Unable to find acl group by id " + iamGroupId);
             }
         }
 
@@ -242,12 +242,12 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
         SearchCriteria<IAMGroupVO> sc = sb.create();
 
-        if (aclGroupName != null) {
-            sc.setParameters("name", aclGroupName);
+        if (iamGroupName != null) {
+            sc.setParameters("name", iamGroupName);
         }
 
-        if (aclGroupId != null) {
-            sc.setParameters("id", aclGroupId);
+        if (iamGroupId != null) {
+            sc.setParameters("id", iamGroupId);
         }
 
         sc.setParameters("path", path + "%");
@@ -257,7 +257,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
     }
 
     @Override
-    public List<IAMGroup> listParentAclGroups(long groupId) {
+    public List<IAMGroup> listParentIAMGroups(long groupId) {
         IAMGroup group = _aclGroupDao.findById(groupId);
         if (group == null) {
             throw new InvalidParameterValueException("Unable to find acl group by id " + groupId);
@@ -294,20 +294,20 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @DB
     @Override
-    public IAMPolicy createAclPolicy(final String aclPolicyName, final String description, final Long parentPolicyId, final String path) {
+    public IAMPolicy createIAMPolicy(final String iamPolicyName, final String description, final Long parentPolicyId, final String path) {
 
         // check if the policy is already existing
-        IAMPolicy ro = _aclPolicyDao.findByName(aclPolicyName);
+        IAMPolicy ro = _aclPolicyDao.findByName(iamPolicyName);
         if (ro != null) {
             throw new InvalidParameterValueException(
-                    "Unable to create acl policy with name " + aclPolicyName
+                    "Unable to create acl policy with name " + iamPolicyName
                     + " already exisits");
         }
 
         IAMPolicy role = Transaction.execute(new TransactionCallback<IAMPolicy>() {
             @Override
             public IAMPolicy doInTransaction(TransactionStatus status) {
-                IAMPolicyVO rvo = new IAMPolicyVO(aclPolicyName, description);
+                IAMPolicyVO rvo = new IAMPolicyVO(iamPolicyName, description);
                 rvo.setPath(path);
 
                 IAMPolicy role = _aclPolicyDao.persist(rvo);
@@ -331,11 +331,11 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @DB
     @Override
-    public boolean deleteAclPolicy(final long aclPolicyId) {
+    public boolean deleteIAMPolicy(final long iamPolicyId) {
         // get the Acl Policy entity
-        final IAMPolicy policy = _aclPolicyDao.findById(aclPolicyId);
+        final IAMPolicy policy = _aclPolicyDao.findById(iamPolicyId);
         if (policy == null) {
-            throw new InvalidParameterValueException("Unable to find acl policy: " + aclPolicyId
+            throw new InvalidParameterValueException("Unable to find acl policy: " + iamPolicyId
                     + "; failed to delete acl policy.");
         }
 
@@ -367,7 +367,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
                 }
 
                 // remove this role from acl_role table
-                _aclPolicyDao.remove(aclPolicyId);
+                _aclPolicyDao.remove(iamPolicyId);
             }
         });
 
@@ -377,7 +377,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @SuppressWarnings("unchecked")
     @Override
-    public List<IAMPolicy> listAclPolicies(long accountId) {
+    public List<IAMPolicy> listIAMPolicies(long accountId) {
 
         // static policies of the account
         SearchBuilder<IAMGroupAccountMapVO> groupSB = _aclGroupAccountMapDao.createSearchBuilder();
@@ -395,7 +395,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
         // add policies directly attached to the account
         List<IAMAccountPolicyMapVO> acctPolicies = _aclAccountPolicyMapDao.listByAccountId(accountId);
         for (IAMAccountPolicyMapVO p : acctPolicies) {
-            policyIds.add(p.getAclPolicyId());
+            policyIds.add(p.getIAMPolicyId());
         }
         if (policyIds.size() == 0) {
             return new ArrayList<IAMPolicy>();
@@ -413,7 +413,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @SuppressWarnings("unchecked")
     @Override
-    public List<IAMPolicy> listAclPoliciesByGroup(long groupId) {
+    public List<IAMPolicy> listIAMPoliciesByGroup(long groupId) {
         List<IAMGroupPolicyMapVO> policyGrpMap = _aclGroupPolicyMapDao.listByGroupId(groupId);
         if (policyGrpMap == null || policyGrpMap.size() == 0) {
             return new ArrayList<IAMPolicy>();
@@ -436,7 +436,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @SuppressWarnings("unchecked")
     @Override
-    public List<IAMPolicy> listRecursiveAclPoliciesByGroup(long groupId) {
+    public List<IAMPolicy> listRecursiveIAMPoliciesByGroup(long groupId) {
         List<IAMGroupPolicyMapVO> policyGrpMap = _aclGroupPolicyMapDao.listByGroupId(groupId);
         if (policyGrpMap == null || policyGrpMap.size() == 0) {
             return new ArrayList<IAMPolicy>();
@@ -468,12 +468,12 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @SuppressWarnings("unchecked")
     @Override
-    public Pair<List<IAMPolicy>, Integer> listAclPolicies(Long aclPolicyId, String aclPolicyName, String path, Long startIndex, Long pageSize) {
+    public Pair<List<IAMPolicy>, Integer> listIAMPolicies(Long iamPolicyId, String iamPolicyName, String path, Long startIndex, Long pageSize) {
 
-        if (aclPolicyId != null) {
-            IAMPolicy policy = _aclPolicyDao.findById(aclPolicyId);
+        if (iamPolicyId != null) {
+            IAMPolicy policy = _aclPolicyDao.findById(iamPolicyId);
             if (policy == null) {
-                throw new InvalidParameterValueException("Unable to find acl policy by id " + aclPolicyId);
+                throw new InvalidParameterValueException("Unable to find acl policy by id " + iamPolicyId);
             }
         }
 
@@ -486,12 +486,12 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
         SearchCriteria<IAMPolicyVO> sc = sb.create();
 
-        if (aclPolicyName != null) {
-            sc.setParameters("name", aclPolicyName);
+        if (iamPolicyName != null) {
+            sc.setParameters("name", iamPolicyName);
         }
 
-        if (aclPolicyId != null) {
-            sc.setParameters("id", aclPolicyId);
+        if (iamPolicyId != null) {
+            sc.setParameters("id", iamPolicyId);
         }
 
         sc.setParameters("path", path + "%");
@@ -504,7 +504,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @DB
     @Override
-    public IAMGroup attachAclPoliciesToGroup(final List<Long> policyIds, final Long groupId) {
+    public IAMGroup attachIAMPoliciesToGroup(final List<Long> policyIds, final Long groupId) {
         // get the Acl Group entity
         IAMGroup group = _aclGroupDao.findById(groupId);
         if (group == null) {
@@ -538,7 +538,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @DB
     @Override
-    public IAMGroup removeAclPoliciesFromGroup(final List<Long> policyIds, final Long groupId) {
+    public IAMGroup removeIAMPoliciesFromGroup(final List<Long> policyIds, final Long groupId) {
         // get the Acl Group entity
         IAMGroup group = _aclGroupDao.findById(groupId);
         if (group == null) {
@@ -570,7 +570,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
 
     @Override
-    public void attachAclPolicyToAccounts(final Long policyId, final List<Long> acctIds) {
+    public void attachIAMPolicyToAccounts(final Long policyId, final List<Long> acctIds) {
         IAMPolicy policy = _aclPolicyDao.findById(policyId);
         if (policy == null) {
             throw new InvalidParameterValueException("Unable to find acl policy: " + policyId
@@ -594,7 +594,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
     }
 
     @Override
-    public void removeAclPolicyFromAccounts(final Long policyId, final List<Long> acctIds) {
+    public void removeIAMPolicyFromAccounts(final Long policyId, final List<Long> acctIds) {
         IAMPolicy policy = _aclPolicyDao.findById(policyId);
         if (policy == null) {
             throw new InvalidParameterValueException("Unable to find acl policy: " + policyId
@@ -619,20 +619,20 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @DB
     @Override
-    public IAMPolicy addAclPermissionToAclPolicy(long aclPolicyId, String entityType, String scope, Long scopeId,
+    public IAMPolicy addIAMPermissionToIAMPolicy(long iamPolicyId, String entityType, String scope, Long scopeId,
             String action, String accessType, Permission perm, Boolean recursive) {
         // get the Acl Policy entity
-        IAMPolicy policy = _aclPolicyDao.findById(aclPolicyId);
+        IAMPolicy policy = _aclPolicyDao.findById(iamPolicyId);
         if (policy == null) {
-            throw new InvalidParameterValueException("Unable to find acl policy: " + aclPolicyId
+            throw new InvalidParameterValueException("Unable to find acl policy: " + iamPolicyId
                     + "; failed to add permission to policy.");
         }
 
         // add entry in acl_policy_permission table
-        IAMPolicyPermissionVO permit = _policyPermissionDao.findByPolicyAndEntity(aclPolicyId, entityType, scope, scopeId, action, perm);
+        IAMPolicyPermissionVO permit = _policyPermissionDao.findByPolicyAndEntity(iamPolicyId, entityType, scope, scopeId, action, perm);
         if (permit == null) {
             // not there already
-            permit = new IAMPolicyPermissionVO(aclPolicyId, action, entityType, accessType, scope, scopeId, perm,
+            permit = new IAMPolicyPermissionVO(iamPolicyId, action, entityType, accessType, scope, scopeId, perm,
                     recursive);
             _policyPermissionDao.persist(permit);
         }
@@ -642,16 +642,16 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @DB
     @Override
-    public IAMPolicy removeAclPermissionFromAclPolicy(long aclPolicyId, String entityType, String scope, Long scopeId,
+    public IAMPolicy removeIAMPermissionFromIAMPolicy(long iamPolicyId, String entityType, String scope, Long scopeId,
             String action) {
         // get the Acl Policy entity
-        IAMPolicy policy = _aclPolicyDao.findById(aclPolicyId);
+        IAMPolicy policy = _aclPolicyDao.findById(iamPolicyId);
         if (policy == null) {
-            throw new InvalidParameterValueException("Unable to find acl policy: " + aclPolicyId
+            throw new InvalidParameterValueException("Unable to find acl policy: " + iamPolicyId
                     + "; failed to revoke permission from policy.");
         }
         // remove entry from acl_entity_permission table
-        IAMPolicyPermissionVO permit = _policyPermissionDao.findByPolicyAndEntity(aclPolicyId, entityType, scope, scopeId, action, Permission.Allow);
+        IAMPolicyPermissionVO permit = _policyPermissionDao.findByPolicyAndEntity(iamPolicyId, entityType, scope, scopeId, action, Permission.Allow);
         if (permit != null) {
             // not removed yet
             _policyPermissionDao.remove(permit.getId());
@@ -661,7 +661,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @DB
     @Override
-    public void removeAclPermissionForEntity(final String entityType, final Long entityId) {
+    public void removeIAMPermissionForEntity(final String entityType, final Long entityId) {
         Transaction.execute(new TransactionCallbackNoReturn() {
             @Override
             public void doInTransactionWithoutResult(TransactionStatus status) {
@@ -673,7 +673,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
                     // remove the policy if there are no other permissions
                     if ((_policyPermissionDao.listByPolicy(policyId)).isEmpty()) {
-                        deleteAclPolicy(policyId);
+                        deleteIAMPolicy(policyId);
                     }
                 }
             }
@@ -682,11 +682,11 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @DB
     @Override
-    public IAMPolicy resetAclPolicy(long aclPolicyId) {
+    public IAMPolicy resetIAMPolicy(long iamPolicyId) {
         // get the Acl Policy entity
-        IAMPolicy policy = _aclPolicyDao.findById(aclPolicyId);
+        IAMPolicy policy = _aclPolicyDao.findById(iamPolicyId);
         if (policy == null) {
-            throw new InvalidParameterValueException("Unable to find acl policy: " + aclPolicyId
+            throw new InvalidParameterValueException("Unable to find acl policy: " + iamPolicyId
                     + "; failed to reset the policy.");
         }
 
@@ -695,7 +695,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
         sb.and("scope", sb.entity().getScope(), SearchCriteria.Op.EQ);
         sb.done();
         SearchCriteria<IAMPolicyPermissionVO> permissionSC = sb.create();
-        permissionSC.setParameters("policyId", aclPolicyId);
+        permissionSC.setParameters("policyId", iamPolicyId);
         _policyPermissionDao.expunge(permissionSC);
 
         return policy;
@@ -736,7 +736,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
     @Override
     public List<Long> getGrantedEntities(long accountId, String action, String scope) {
         // Get the static Policies of the Caller
-        List<IAMPolicy> policies = listAclPolicies(accountId);
+        List<IAMPolicy> policies = listIAMPolicies(accountId);
         // for each policy, find granted permission within the given scope
         List<Long> entityIds = new ArrayList<Long>();
         for (IAMPolicy policy : policies) {

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/63098878/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMAccountPolicyMapDaoImpl.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMAccountPolicyMapDaoImpl.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMAccountPolicyMapDaoImpl.java
index 883fd5c..a112a3e 100644
--- a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMAccountPolicyMapDaoImpl.java
+++ b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMAccountPolicyMapDaoImpl.java
@@ -26,11 +26,11 @@ public class IAMAccountPolicyMapDaoImpl extends GenericDaoBase<IAMAccountPolicyM
         ListByAccountId.done();
 
         ListByPolicyId = createSearchBuilder();
-        ListByPolicyId.and("policyId", ListByPolicyId.entity().getAclPolicyId(), SearchCriteria.Op.EQ);
+        ListByPolicyId.and("policyId", ListByPolicyId.entity().getIAMPolicyId(), SearchCriteria.Op.EQ);
         ListByPolicyId.done();
 
         findByPolicyAccountId = createSearchBuilder();
-        findByPolicyAccountId.and("policyId", findByPolicyAccountId.entity().getAclPolicyId(), SearchCriteria.Op.EQ);
+        findByPolicyAccountId.and("policyId", findByPolicyAccountId.entity().getIAMPolicyId(), SearchCriteria.Op.EQ);
         findByPolicyAccountId.and("accountId", findByPolicyAccountId.entity().getAccountId(), SearchCriteria.Op.EQ);
         findByPolicyAccountId.done();
 

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/63098878/services/iam/server/test/org/apache/cloudstack/iam/IAMServiceUnitTest.java
----------------------------------------------------------------------
diff --git a/services/iam/server/test/org/apache/cloudstack/iam/IAMServiceUnitTest.java b/services/iam/server/test/org/apache/cloudstack/iam/IAMServiceUnitTest.java
index 8760199..53cfc71 100644
--- a/services/iam/server/test/org/apache/cloudstack/iam/IAMServiceUnitTest.java
+++ b/services/iam/server/test/org/apache/cloudstack/iam/IAMServiceUnitTest.java
@@ -114,19 +114,19 @@ public class IAMServiceUnitTest {
 
     @Test(expected = InvalidParameterValueException.class)
     public void createAclGroupTest() {
-        IAMGroup group = _iamService.createAclGroup("group1", "my first group", "/root/mydomain");
+        IAMGroup group = _iamService.createIAMGroup("group1", "my first group", "/root/mydomain");
         assertNotNull("Acl group 'group1' failed to create ", group);
 
         IAMGroupVO group2 = new IAMGroupVO("group1", "my second group");
         when(_aclGroupDao.findByName(eq("/root/mydomain"), eq("group1"))).thenReturn(group2);
 
-        IAMGroup group3 = _iamService.createAclGroup("group1", "my first group", "/root/mydomain");
+        IAMGroup group3 = _iamService.createIAMGroup("group1", "my first group", "/root/mydomain");
     }
 
     @Test(expected = InvalidParameterValueException.class)
     public void deleteAclGroupInvalidIdTest() {
         when(_aclGroupDao.findById(20L)).thenReturn(null);
-        _iamService.deleteAclGroup(20L);
+        _iamService.deleteIAMGroup(20L);
     }
 
     @Test
@@ -145,19 +145,19 @@ public class IAMServiceUnitTest {
 
     @Test(expected = InvalidParameterValueException.class)
     public void createAclPolicyTest() {
-        IAMPolicy policy = _iamService.createAclPolicy("policy1", "my first policy", null, "/root/mydomain");
+        IAMPolicy policy = _iamService.createIAMPolicy("policy1", "my first policy", null, "/root/mydomain");
         assertNotNull("Acl policy 'policy1' failed to create ", policy);
 
         IAMPolicyVO rvo = new IAMPolicyVO("policy2", "second policy");
         when(_aclPolicyDao.findByName(eq("policy2"))).thenReturn(rvo);
 
-        _iamService.createAclPolicy("policy2", "second policy", null, "/root/mydomain");
+        _iamService.createIAMPolicy("policy2", "second policy", null, "/root/mydomain");
     }
 
     @Test(expected = InvalidParameterValueException.class)
     public void deleteAclPolicyInvalidIdTest() {
         when(_aclPolicyDao.findById(34L)).thenReturn(null);
-        _iamService.deleteAclPolicy(34L);
+        _iamService.deleteIAMPolicy(34L);
     }
 
     @Configuration


Mime
View raw message